Warning updating the currently checked out branch may cause confusion
The problem could be easily mitigated by extending the response of , instead of making them search for an answer.I've used Composer for quite a while and I still stumble upon this issue every now and then.
Expected behaviour: Composer should see that branch is master and check if commit hash is the same as HEAD, if not it should checkout head.My view is that the lockfile is always supposed to be timeless and canonical -- it should be .If it can't be that, then it's not living up to the promise of a lockfile, imho :) //cc @yfeldblum @Rob Loach EDIT: I've since realized that npm doesn't actually do any dependency resolution, and instead recursively stores every version of a required module at each level.Alternatively we just update packages with such references if they are already installed.So every time you'd run update, it would update this package to master, no matter if there are new commits or not.The other issue that I'd like to mention; Getting a minimum stability error when trying to install a package is infuriating, as it doesn't even tell you what to do.
Instead you're meant to read the docs and google the error message with correct keywords to get a solution.
It would look awkward IMO and would not feel like the other packages. This seems to be the common approach to ensuring lockfiles unambiguously reflect what we want.
NPM was the only package manager I could find that didn't follow this approach, so I suppose we need to decide whose example we want to follow.
It was relayed to me that this has something to do with not really caring about loading everything into memory in JS like you would in another language.
So while NPM is the only outlier, it's for good reason, and we likely want to follow the lead of other package managers that actually do dependency resolution.
Its function is to force Git Extensions to look at the Git repository and refresh itself based on any commits, index changes etc.